PC Remote Management in Industrial Settings

Managing PCs in industrial automation deployments. Josh Neland, Technology Strategist

Transcript of PC Remote Management in Industrial Settings

Page 1: PC Remote Management in Industrial Settings

Managing PCs in industrial automation deployments

Josh Neland

Technology Strategist

Page 2: PC Remote Management in Industrial Settings

Global Marketing Confidential

Typical setting

[Diagram labels: System; HMI - x86; x86; Controller (repeated)]

Page 3: PC Remote Management in Industrial Settings

Physical management has limits

[Diagram: the "System" box repeated many times]

Page 4: PC Remote Management in Industrial Settings

System management overview

Page 5: PC Remote Management in Industrial Settings

System Management Overview

1. Monitor and manage many systems from a single point

2. Proactively discover, diagnose and correct issues with minimal downtime

3. Increase effectiveness of your service organization

[Diagram labels: Management Console or Utility; Computer (node); Computer (node)]

Page 6: PC Remote Management in Industrial Settings

High Level Overview – Node Perspective

• Increase choice of What can be managed

• Increase choice of What can manage

• Increase choice of Who can manage

• Increase choice of Environment

[Diagram labels: Management Controller, with numbered callouts 1 to 4; Remote Management Console; Local OS & Power States; Local Peer Intelligent Devices; Intelligent Device; Local Managed Elements; Sensors; Network Controllers; Storage Controllers; Chassis; WS-MAN/WS-CIM; Standard bi-directional & pass through; Standard OS & BIOS interfaces]

Page 7: PC Remote Management in Industrial Settings

Standardize Key Boundaries on the Managed Node

• Provide a Standard Interface for Management Applications

• Provide a Standard Interface for Device Level Communications

[Diagram: New Managed Node Architecture. Labels: Network; Industry Applications; Altiris; SCCM; Dell Branded; Customer Created; DASH/SMASH/WS-CIM; IPMI/PMCI; Vendor Provider; Dell Native Provider. Legend: Dell Proprietary; Industry Standard; Vendor Provided]

Abbreviations:

• SMASH: System Management Architecture for Server H/W

• DASH: Desktop & Mobile Architecture for System H/W

• IPMI: Intelligent Platform Management Interface

• PMCI: Platform Management Component Intercommunication

Page 8: PC Remote Management in Industrial Settings

Architecture

Page 9: PC Remote Management in Industrial Settings

DASH

Page 10: PC Remote Management in Industrial Settings

DASH

Wrapper specification

• Discovery (WS-Man)

• Security (HTTPS, SSL, CIM)

• Common Information Model (CIM)

• XML for transport/encoding (WS-CIM)

• HTTP for access

Adopted by Tier-1: Dell, IBM, HP, Cisco, BMC, etc.

Controlled by the DMTF

Page 11: PC Remote Management in Industrial Settings

CIM capabilities

• Object Oriented

• Abstraction and classification
  – classes
  – properties
  – associations (aggregate and non-aggregate)
  – methods

• Inheritance

• Known root objects

• Meta model

Page 12: PC Remote Management in Industrial Settings

Example CIM interfaces

• Device and asset representation: e.g. Processor, Chassis, Memory, etc.

• Power control, device control, FW inventory and update interfaces

• 3rd party NVRam datastore

• BIOS Management

• Remote access / control mechanisms

• Diagnostic invocation and result retrieval

• Asynchronous Indication subscription and notification

Page 13: PC Remote Management in Industrial Settings

Web Services for Management (WS-Man)

• SOAP based

• CRUD approach

• Enumerate collections (large tables or logs)

• Subscribe to events

• Execute methods (strongly typed inputs, outputs)

Page 14: PC Remote Management in Industrial Settings

WS-Man example Get request

Page 15: PC Remote Management in Industrial Settings

WS-Man example: Get response

Page 16: PC Remote Management in Industrial Settings

WS-CIM

WS-Man

CIM data types

CIM Actions

CIM Indications

Page 17: PC Remote Management in Industrial Settings

Examples

Page 18: PC Remote Management in Industrial Settings

Battery representation

• This diagram represents battery classes in a notebook.

• Important to note the DesignCapacity and the FullChargeCapacity properties. They are used to determine the health of the battery.

Page 19: PC Remote Management in Industrial Settings

EC Detects a Problem

• EC generates a PLDM message with the appropriate message ID. The management controller converts the message to a CIM Indication and forwards it to any management console that has subscribed.

[Diagram labels: Battery; EC; PLDM message to indicate health change; MC; DASH; CIM Indication to console; Console]

Page 20: PC Remote Management in Industrial Settings

Enumerate Instances Flow

• The console interrogates for asset data

[Diagram labels: Console; Enumerate instances of CIM_Battery and CIM_PhysicalPackage; DASH; MC; MCTP/PLDM; Get_Device_Data and Get_PhysicalPackage_Data; EC; Battery. Columns: Managed Elements; Inactive Controller; Active Controller]

Page 21: PC Remote Management in Industrial Settings

The Response

• Response Data

• Instances of CIM_Battery and CIM_PhysicalPackage returned

BatteryPkg1 : PhysicalPackage
Tag : 123456ABCD
PackageType : Battery
CanBeFRUed : True
ElementName : 1
Manufacturer : "Dell"
SKU : 123456ABCD
VendorEquipmentType : "8 Cell"

[Diagram labels: Console; DASH; MC; MCTP/PLDM; EC; Battery. Columns: Active Controller; Inactive Controller; Managed Elements]

Page 22: PC Remote Management in Industrial Settings

Dell™ OptiPlex™ XE Capabilities

• The OptiPlex XE SIO reports POST and pre-POST failures
  – Motherboard failure
  – CPU Thermtrip failure
  – CPU failure
  – Power supply failure
  – Memory subsystem failure
  – Memory DIMM failure
  – System firmware hang
  – Corrupt BIOS detected
  – PCI Configuration failure
  – Video subsystem failure
  – No memory detected
  – USB Subsystem failure
  – Storage Subsystem failure

Page 23: PC Remote Management in Industrial Settings

BIOS Representation

• This diagram represents BIOS classes in a system

Page 24: PC Remote Management in Industrial Settings

Enumerate Instances Flow

• The console interrogates for BIOS Attributes

• Enumerate instances of CIM_BIOSAttribute

[Diagram labels: Console; DASH; MC; MCTP/PLDM; BIOS. Columns: Managed Elements; Inactive Controller; Active Controller]

Page 25: PC Remote Management in Industrial Settings

EC detects a problem

• BIOS generates PLDM describing its capabilities. The management controller converts the message to CIM instances and replies to the management console

[Diagram labels: BIOS; PLDM messages to describe BIOS attributes; MC; DASH; CIM Indication to console; Console]

Page 26: PC Remote Management in Industrial Settings

Enumerate Instances Flow

• The console sends new settings for BIOS

• Console invokes the SetBIOSAttribute() method providing the AttributeName and desired Value

• The result is saved as a PendingValue until the system reboots

[Diagram labels: Console; DASH; MC; MCTP/PLDM; BIOS. Columns: Managed Elements; Inactive Controller; Active Controller]
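
Because a new setting sits in PendingValue until the reboot, a console can audit staged BIOS changes before they take effect. The following is an added example, not code from the presentation or from any DASH SDK: it parses a constructed WS-Man PullResponse carrying CIM_BIOSAttribute instances and reports staged changes that are missing from a change-control record. The attribute names, their values and the APPROVED mapping are assumptions made up for illustration.

```python
import xml.etree.ElementTree as ET

# WS-CIM namespace for the CIM_BIOSAttribute class
NS = "http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_BIOSAttribute"

# Constructed sample: a WS-Man PullResponse as a console might receive after
# enumerating CIM_BIOSAttribute. Attribute names and values are made up.
SAMPLE_RESPONSE = f"""<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
 xmlns:wsen="http://schemas.xmlsoap.org/ws/2004/09/enumeration" xmlns:b="{NS}">
 <s:Body><wsen:PullResponse><wsen:Items>
  <b:CIM_BIOSAttribute><b:AttributeName>Wake On LAN</b:AttributeName>
   <b:CurrentValue>Disabled</b:CurrentValue><b:PendingValue>Enabled</b:PendingValue>
  </b:CIM_BIOSAttribute>
  <b:CIM_BIOSAttribute><b:AttributeName>Boot From USB</b:AttributeName>
   <b:CurrentValue>Disabled</b:CurrentValue><b:PendingValue>Enabled</b:PendingValue>
  </b:CIM_BIOSAttribute>
  <b:CIM_BIOSAttribute><b:AttributeName>Boot Sequence</b:AttributeName>
   <b:CurrentValue>HDD</b:CurrentValue><b:CurrentValue>Network</b:CurrentValue>
   <b:PendingValue/>
  </b:CIM_BIOSAttribute>
 </wsen:Items><wsen:EndOfSequence/></wsen:PullResponse></s:Body>
</s:Envelope>"""

# Hypothetical change-control record: values approved to take effect at next boot
APPROVED = {"Wake On LAN": ["Enabled"]}

def pending_changes(xml_text):
    """Map AttributeName -> (current, pending) for attributes with a staged change."""
    changes = {}
    for inst in ET.fromstring(xml_text).iter(f"{{{NS}}}CIM_BIOSAttribute"):
        def values(prop):
            # CIM array properties arrive as repeated elements; skip empty ones
            return [e.text for e in inst.findall(f"{{{NS}}}{prop}") if e.text]
        name = inst.findtext(f"{{{NS}}}AttributeName")
        current, pending = values("CurrentValue"), values("PendingValue")
        if pending and pending != current:
            changes[name] = (current, pending)
    return changes

def unapproved(changes, approved):
    """Names of staged changes that no change-control entry authorises."""
    return sorted(n for n, (_, pending) in changes.items() if approved.get(n) != pending)

if __name__ == "__main__":
    staged = pending_changes(SAMPLE_RESPONSE)
    for name in unapproved(staged, APPROVED):
        print(f"UNAPPROVED pending BIOS change: {name} {staged[name][0]} -> {staged[name][1]}")
```

Running the check before a scheduled reboot gives the operator a chance to review a staged value while the current setting is still in force.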

Page 27: PC Remote Management in Industrial Settings

DASH Tools

• AMD
  – DASH SDK
    › DASHCLI supports all functions described
  – SCCM DASH Plugin
  – http://developer.amd.com/CPU/MANAGEABILITY/Pages/default.aspx

• Altiris
  – DASH support currently in product.
  – Support for sensors and BIOS to be added September 2010

Page 28: PC Remote Management in Industrial Settings

AMT vs. TruManage

Page 29: PC Remote Management in Industrial Settings

vPro vs TruManage

Feature | AMT | TruManage
DASH Profile Support | 1.0/1.1 wireless | 1.1
Internal Communications protocol | Proprietary | DMTF Standard PLDM/MCTP
BIOS Management | No | Yes
USB redirection (storage media; read only) | No | Yes
Text console redirection | Yes | Yes
Power management (soft-off) | No | Yes
IDE Redirect | Yes | No
Zero touch provisioning | Yes | Yes
System inventory/Asset Mgt | Yes | Yes
User account management | Yes | Yes
Offline mailboxes/Opaque management data | Yes | Yes
Indications | Yes | Yes
In-band NIC management | No | Yes
PLDM for sensors | No | Yes
Out-of-Band IPv6 phase-1 logo | Yes | Yes

Page 30: PC Remote Management in Industrial Settings

vPro vs TruManage

Feature | AMT | TruManage
Web GUI / HTML interface | Yes | Yes
Certificate authority integration | Yes | Yes
Out-of-band IPv6 phase-2 logo | Yes | Yes
Power Management (brute force) | Yes | Yes
Microsoft Active Directory & Kerberos integration | Yes | Yes
Event logging | Yes | Yes
Record log audit or security log | Yes | Yes
Network quarantining ("circuit breaker") | Yes | Yes
Agent Presence | Yes | No
ME Wake on LAN | Yes | Low Power
DNS Environment Detect | Yes | Yes
ISV Local access to Event Log | Yes | No
Wireless Support | Yes | No
Remote Configuration | Yes | Yes
WS-MAN Support | Yes | Yes
Client Initiated Remote Access | Yes | No
Intel AMT secure measure | Yes | N/A

Page 31: PC Remote Management in Industrial Settings

Backup

Page 32: PC Remote Management in Industrial Settings

PMCI Efforts

• MCTP – Management Component Transport Protocol
  – Message based internal “chip to chip” protocol.

• PLDM – Platform Level Data Model
  – Defines the data sources and requirements
    › Inventory data
    › Sensor and indication sources
    › BIOS source and interaction

• Used as communication path between management controller and other intelligent devices in the system.
  – Dell implements an EC or SIO to aggregate sensors and in the case of diagnostics act as virtual sensor to indicate health state of the system.

Page 33: PC Remote Management in Industrial Settings

CIM Indication over WS-Man benefits

• CIM_Indications over WS-Man have several benefits
  – Guaranteed delivery
    › Automatic retry and receipt acknowledgement capability
  – Rich with data and device specific information
    › Localizable event messages
    › References to alerting component
    › Apparent Severity
    › Recommended Response Action information available
  – Subscription Paradigm
    › Subscribe only to events/group of events desired
    › Subscriptions are generated remotely – no need to physically touch the system
    › Subscriptions are retained over reboots